Data warehouse users, such as production support team members, often utilize generic user ID's to obtain access to a data warehouse. The production support team may perform various tasks at the data warehouse, such as testing, maintenance, and break-fix tasks. In order to sign on to the data warehouse, the user will need the generic user ID along with a password. Since generic user ID's are used by multiple support teams, it is often necessary to store the password in clear text at a secure location. This location may include a particular internal website, file, or at an offsite location. However, even attempts to store passwords at a secure location are not effective as the password is shared and known by many users.
As more users become aware of a single password, the likelihood of the password becoming compromised increases. The use of a single hard coded password often leads to poor password management procedures and enables users to store or copy the password to insecure locations or share with unauthorized individuals. Moreover, even certain safeguards, such as requiring a password reset on a 30-90 day schedule still leads to password compromise as users often reset the password to a predictable or easy-to-guess value. Such password compromise could lead to accidental or malicious modification or disclosure of confidential information. Furthermore, it is almost impossible to determine the extent of password dissemination amongst unauthorized users.